General Data Protection Regulations (“GDPR”) Notice

As some of our users are located in countries subject to the General Data Protection Regulations (“GDPR”), as amended, we are providing this GDPR Notice. You are subject to the GDPR if you are a resident of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, along with Switzerland and the United Kingdom under their domestic laws. Residents of Iceland, Lichtenstein, and Norway are similarly subject to these regulations under the domestic laws of those countries, as well.

The purpose of this notice is to make clear how we are complying with the GDPR when it comes to your personal information. The GDPR gives you the right:

To be informed about the processing of your personal information – what we do with the data we collect from you;
To have your personal information corrected if it is inaccurate and to have incomplete personal information completed – if you think the data we have is not totally accurate;
To object to the processing of your personal information – refuse to permit us to do anything with your data;
To restrict processing of your personal information – to limit what we can do with your data;
To have your personal information erased (the “right to be forgotten”) – to have your personal data deleted from our system;
To request access to your personal information and to obtain information about how we process it – so that you may confirm what data we have and what we do with it;
To move, copy or transfer your personal information (“data portability”) – so that you can transfer/move your personal data;
In relation to automated decision making which has a legal effect or otherwise significantly affects you – to clarify any remaining questions about what we do with your personal data.

If you wish to exercise any of these rights, you may contact us at gro.f1715554420tasc@1715554420ycavi1715554420rp1715554420 or Contract Services Administration Trust Fund, 2710 Winona Ave., Burbank, CA 91504. Attention: Information Technology Department.

Our goal is to collect and use only that information which is necessary for our legitimate business interests, such as to better understand and serve you, to give you a better experience with any website, application or other platform we offer and to offer the services we provide, and also to allow you to access your personal information and your training records.

We may collect some or all of the following information from you:

Name,
Address,
Social Security Number,
Driver’s License number,
Medical Examiner’s Certificates,
Color vision tests
Date of birth,
Email address,
Telephone number(s),
Account credentials,
Account security questions and answers,
Where relevant, substance testing and/or alcohol testing records, and
Information relating to services administered by Contract Services Administration Trust Fund and Contract Services Administration Training Trust Fund (“Contract Services”)

We will use the personal information you provide to us when you use our services in order to (1) report courses taken; (2) report test results status; (3) contact you by mail; (4) contact you by email; (5) track your usage of any website, application or other platform through which you access our services; and (6) to measure, customize and improve our website and/or application and otherwise provide our services to you. If you visit our premises, you will be subject to our security surveillance practices, wherein video is retained on average for two (2) months and only reviewed if an incident is reported. If you leave us a voice mail message, your message will obviously have been recorded. Once the voice mail message is retrieved and transcribed for further action, it is deleted. Otherwise, we do not video or audio record any interactions with you, although we may take notes about your visit which will be securely stored electronically.

If we contact you for marketing purposes, we will do so only in accord with your preferences. You may stop these emails by contacting us at gro.f1715554420tasc@1715554420ycavi1715554420rp1715554420.

Our servers are generally located in the U.S. but we may from time to time store data on servers outside the U.S. You agree we may collect, use, transfer and process our data either in the U.S. or elsewhere. If we transfer your data outside the U.S., we will have suitable safeguards in place, such as contractual agreements, unless exceptions apply.

Access to your data is shared on a need to know basis with our employees, agents, contactors and sub-contractors, and our related and affiliated individuals and entities and their respective employees, agents, contractors and sub-contractors. Access, therefore, also includes reporting test results to your local union, employer, potential employers and similar business/professional individuals and entities.

Any personal data of yours which we maintain will be kept for only so long as we have a reasonable business need for that data, such as managing our relationship with you and managing our operations. Otherwise, your data will be retained for up to death plus ten (10) years.

The provisions of this GDPR Notice are in addition to our privacy policy which can be found here: https://portal.csatf.org/privacy-policy